From b69f95fa60840cd004fae628899aff7abc2c7530 Mon Sep 17 00:00:00 2001
From: "RPA(OpenERP)" <>
Date: Wed, 28 Oct 2009 11:52:20 +0530
Subject: [PATCH] Added functionality to prevent database list while server
 hase list_db=False

bzr revid: hda@tinyerp.com-20091028062220-11i2s85pqrfjs4c2
---
 bin/service/web_services.py | 3 +++
 bin/tools/config.py         | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/bin/service/web_services.py b/bin/service/web_services.py
index 95d080c40af..b89fa829266 100644
--- a/bin/service/web_services.py
+++ b/bin/service/web_services.py
@@ -298,6 +298,9 @@ class db(netsvc.Service):
         db = sql_db.db_connect('template1')
         cr = db.cursor()
         try:
+            list_db = tools.config["list_db"]
+            if list_db == 'False':
+                return []
             try:
                 db_user = tools.config["db_user"]
                 if not db_user and os.name == 'posix':
diff --git a/bin/tools/config.py b/bin/tools/config.py
index 7085353607f..f9d381a5b72 100644
--- a/bin/tools/config.py
+++ b/bin/tools/config.py
@@ -79,6 +79,7 @@ class configmanager(object):
             'assert_exit_level': logging.WARNING, # level above which a failed assert will be raise
             'cache_timeout': 100000,
             'login_message': False,
+            'list_db' : True,
         }
 
         hasSSL = check_ssl()
@@ -156,6 +157,7 @@ class configmanager(object):
         group.add_option("--db_port", dest="db_port", help="specify the database port", type="int")
         group.add_option("--db_maxconn", dest="db_maxconn", default='64',
                          help="specify the the maximum number of physical connections to posgresql")
+        group.add_option("--list_db", dest="list_db", default=False, help="This option hides Database list for security purpose:\n \'False\' value disables listing of Databases")
         group.add_option("-P", "--import-partial", dest="import_partial",
                          help="Use this for big data importation, if it crashes you will be able to continue at the current state. Provide a filename to store intermediate importation states.", default=False)
         parser.add_option_group(group)
@@ -216,7 +218,7 @@ class configmanager(object):
             self.options['pidfile'] = False
 
         keys = ['interface', 'port', 'db_name', 'db_user', 'db_password', 'db_host',
-                'db_port', 'logfile', 'pidfile', 'smtp_port', 'cache_timeout',
+                'db_port', 'list_db', 'logfile', 'pidfile', 'smtp_port', 'cache_timeout',
                 'email_from', 'smtp_server', 'smtp_user', 'smtp_password', 'price_accuracy',
                 'netinterface', 'netport', 'db_maxconn', 'import_partial', 'addons_path']